CVE-2015-3965

Опубликовано: 23 мар. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function.

Ссылки

https://ics-cert.us-cert.gov/advisories/ICSA-15-174-01
Third Party Advisory
US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-174-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:pfizer:symbiq_infusion_system_firmware:*:*:*:*:*:*:*:*

Версия до 3.13 (включая)

cpe:2.3:h:pfizer:symbiq_infusion_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00323

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-fw6x-q668-xp72